Latest version of the BFT-SMaRt library (v1.2). Includes source code, binary, javadoc and runscripts. This release includes mostly bug fixes and some new minor features. Since it is the most stable codebase so far, it is no longer considered beta.

New features

• Implemented the ServiceReplica.kill() and ServiceReplica.retart() methods. ServiceReplica.kill() stops the service execution at a replica. It will shutdown all threads, stop the requests' timer, and drop all enqueued requests, thus letting the ServiceReplica object be garbage-collected. From the perspective of the rest of the system, this is equivalent to a simple crash fault. ServiceReplica.retart() simply cleans the object state and reboots execution. From the perspective of the rest of the system, this is equivalent to a rash followed by a recovery.
• Added option "system.communication.defaultkeys" to use the same key pair across all processes. This is meant to be used on experiments and benchmarks, so that deployment is more straightforward, without the need to manage keys.
• Added option "system.communication.bindaddress" that allows the replica to fetch its local ip address on its own when binding Netty's server bootstrap (instead of relying o the ip address present in
• Added option "system.numnettyworkers" to specify the number of netty worker threads created at each replica.
• Added option "system.samebatchsize" to force all replicas to receive the same number of requests per batch (not to be confused with the batch used for the PROPOSE message from the ordering protocol). config/hosts.config). This way it is possible to avoid editing config/hosts.config at each replica when running inside docker or when deploying in Amazon EC2 with elastic IPs.
• Replaced the library's proprietary logger class with SLF4J with the logback implementation. Also replaced all System.out.println and ex.printStackTrace methods with adequate SLF4J invocations.
• Included xml configuration file for logback at the ./config directory.
• It is now possible to supply to the library with custom key loader that overrides the default RSA key loading mechanism via the new interface KeyLoader (which can be supplied to the library at the ServiceReplica and ServiceProxy constructors). This is useful for applications that also need to use and manage the same structure of keys as the library and/or to use different public key algorithms/providers.
• Algorithms for hmac, secret keys, signature and hashing are now configurable at the config/system.config file. It is now possible to indicate the specific security provider to use for each algorithm.

Code modifications

• A leader election is now automatically triggered if replicas receive an invalid PROPOSE message from the current leader.
• Modified Netty's client communication system to share a single EventLoop across multiples channels (instead of creating an event loop per channel). This was done to conserve system resources.
• Removed constructors that allowed replicas to join the group, as well as the command to make them leave. Only the VMServices process is supposed to have the authority to manage the group, so these functionalities were superfluous and missleading.
• AsyncLatencyClient now supports the same parameters as ThroughputLatencyClicent
• Removed the "dos" parameter from ThroughputLatencyClient, since AsyncLatencyClient ca be used for that purpose instead.
• Added new parameter to appExecuteBatch method in DefaultRecoverable that indicates if the command arrived directly from the total order algorithm or if it is being applied by the state transfer protocol.
• Removed RandomDemo and LatencyClient/server demos from the bftsmart.demo package.
• Removed redundant FIFOExecutable interface.
• Modified RequestVerifier interface to receive the entire TOMMessage instead of just the payload.
• Implemented parallel signature verification when a full PROPOSE message arrives at the replicas.
• The algorithms for hmac, secret keys, signature and hashing are now the same across all parts of the code. The new defaults are, respectively: HmacSHA512, PBKDF2WithHmacSHA1, SHA512withRSA, SHA-512.
• Created a completely new implementation and interface for the BFTMap demo available at the pacakge bftsmart.demo.map.
• Implemented a simple flow control at client side so prevent the virtual machine from exausting the heap space if asynchronous clients aggressively send requests to the servers.
• Generated new default RSA keys with 2048 bit length (available in the ./config/keys directory).
• Library now compiles for java 1.8

Bugs fixes

• Fixed bug in the state transfer that would happen when the system had only a single replica.
• Fixed bug in the "system.numrepliers" parameter that would default to a single replier instead of to the default Netty communication system
• Fixed bug in the AsynchServiceProxy class that would case a race condition between the client and the servers. The client would store its sequence number after sending its requests, but if the servers responded quickly enough for the client to parse the replies before storing the sequence number, the messages would be discarded.
• Fixed bug related with unreleased Netty thread resources at the client side.
• Fixed bug in the state transfer protocol that would trigger after adding a replica to the view.
• Fixed bug on the leader change protocol that would occur if at least one of the messages in a consensus proof was invalid.
• Fixed memory leak at the netty communication system that prevented file descriptors held by clients from being released, even if the Netty channels were explicitly closed.
• Fixed bug in the state log of the DefaultRecoverable classes that would occur during de-serialization if the batch of operations contained in each entry had commands too large.
• Fixed bug in the reconfiguration protocol that would occur when a replica was removed from the group and them added back to it, which would prevent the replica from correctly resuming execution.
• Fixed null pointer exception on the leader change protocol that would happen if the leader crashed before any consensus message was exchanged among replicas.
• Fixed bug on one of ServiceReplica constructors that would not create the default Replier object if a null pointer was passed.
• Fixed bug on ServiceReplica where it would not invoke a custom replier when using the batchexecutor interface.
• Fixed null pointer exception in the default replier object that would occur during a reconfiguration.
• Fixed bug that would make the currentView file always be created in the same local directory regardless of the path that is passed as an argument to the ServiceReplica constructors.
• Fixed bug in ServiceProxy that could result in threads being stuck while invoking the invoke method a second time.
• Fixed mistake when evaluating the time elapsed since a request was received for the leader change protocol (time units were in nanoseconds but evaluated as miliseconds).
• Fixed bug on the leader change protocol that occured if the leader crashed and the timeout task triggered without any requests actually expired, which would make the system block.
• AsyncServiceProxy now supports updates to the view that come from the replicas.
• Fixed bug on the state transfer protocol that would calculate completely wrong the number of matching values for the current leader and regency.
• Fixed race condition in Netty's writeAndFush() method in the client/server communication system, which would cause message to include wrong MACs while disseminating them across multiple targets.
• Fixed vulnerability that would enable a malicious leader to perform replay attacks.